From a48c82e6f5e2114017de3cdbe21f0285c2f48cfe Mon Sep 17 00:00:00 2001
From: Tristan Ross <tristan.ross@midstall.com>
Date: Fri, 4 Apr 2025 17:05:42 -0700
Subject: [PATCH] selinux-refpolicy: init 2.20250213

---
 pkgs/by-name/se/selinux-refpolicy/package.nix | 63 +++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 pkgs/by-name/se/selinux-refpolicy/package.nix

diff --git a/pkgs/by-name/se/selinux-refpolicy/package.nix b/pkgs/by-name/se/selinux-refpolicy/package.nix
new file mode 100644
index 000000000000..08c73e68b116
--- /dev/null
+++ b/pkgs/by-name/se/selinux-refpolicy/package.nix
@@ -0,0 +1,63 @@
+{
+  lib,
+  stdenv,
+  fetchFromGitHub,
+  gnum4,
+  python3,
+  getopt,
+  checkpolicy,
+  policycoreutils,
+  semodule-utils,
+  policyVersion ? null,
+  moduleVersion ? null,
+}:
+stdenv.mkDerivation (finalAttrs: {
+  pname = "selinux-refpolicy";
+  version = "2.20250213";
+
+  src = fetchFromGitHub {
+    owner = "SELinuxProject";
+    repo = "refpolicy";
+    tag = "RELEASE_${lib.versions.major finalAttrs.version}_${lib.versions.minor finalAttrs.version}";
+    hash = "sha256-VsQRqigGwSVJ52uqFj1L2xzQqbWwQ/YaFI5Rsn/HbP8=";
+  };
+
+  nativeBuildInputs = [
+    gnum4
+    python3
+    getopt
+  ];
+
+  configurePhase = ''
+    runHook preConfigure
+    make conf ''${makeFlags[@]}
+    runHook postConfigure
+  '';
+
+  makeFlags =
+    [
+      "CHECKPOLICY=${lib.getExe checkpolicy}"
+      "CHECKMODULE=${lib.getExe' checkpolicy "checkmodule"}"
+      "SEMODULE=${lib.getExe' policycoreutils "semodule"}"
+      "SEMOD_PKG=${lib.getExe' semodule-utils "semodule_package"}"
+      "SEMOD_LNK=${lib.getExe' semodule-utils "semodule_link"}"
+      "SEMOD_EXP=${lib.getExe' semodule-utils "semodule_expand"}"
+      "DESTDIR=${placeholder "out"}"
+      "prefix=${placeholder "out"}"
+      "DISTRO=nixos"
+      "SYSTEMD=y"
+      "UBAC=y"
+    ]
+    ++ lib.optional (policyVersion != null) "OUTPUT_POLICY=${toString policyVersion}"
+    ++ lib.optional (moduleVersion != null) "OUTPUT_MODULE=${toString moduleVersion}";
+
+  installTargets = "all install install-headers install-docs";
+
+  meta = {
+    description = "SELinux Reference Policy v2";
+    homepage = "http://userspace.selinuxproject.org";
+    platforms = lib.platforms.linux;
+    maintainers = with lib.maintainers; [ RossComputerGuy ];
+    license = lib.licenses.gpl2Only;
+  };
+})